Summary
|
For Full-Text PDF, please login, if you are a member of IEICE, or go to Pay Per View on menu list, if you are a nonmember of IEICE. |
|
Leakage-Resilient and Proactive Authenticated Key Exchange (LRP-AKE), Reconsidered SeongHan SHIN Publication IEICE TRANSACTIONS on Information and Systems Vol.E104-D No.11 pp.1880-1893 Publication Date: 2021/11/01 Publicized: 2021/08/05 Online ISSN: 1745-1361 DOI: 10.1587/transinf.2021NGP0014 Type of Manuscript: Special Section PAPER (Special Section on Next-generation Security Applications and Practice) Category: Keyword: password, two-factor authentication, key exchange, leakage of stored secrets, credential services, provable security, Full Text: PDF>>
Summary: In [31], Shin et al. proposed a Leakage-Resilient and Proactive Authenticated Key Exchange (LRP-AKE) protocol for credential services which provides not only a higher level of security against leakage of stored secrets but also secrecy of private key with respect to the involving server. In this paper, we discuss a problem in the security proof of the LRP-AKE protocol, and then propose a modified LRP-AKE protocol that has a simple and effective measure to the problem. Also, we formally prove its AKE security and mutual authentication for the entire modified LRP-AKE protocol. In addition, we describe several extensions of the (modified) LRP-AKE protocol including 1) synchronization issue between the client and server's stored secrets; 2) randomized ID for the provision of client's privacy; and 3) a solution to preventing server compromise-impersonation attacks. Finally, we evaluate the performance overhead of the LRP-AKE protocol and show its test vectors. From the performance evaluation, we can confirm that the LRP-AKE protocol has almost the same efficiency as the (plain) Diffie-Hellman protocol that does not provide authentication at all. | |||||
|
